[Rpm-maint] [rpm-software-management/rpm] RFE: read sources checksums from the SPEC file and verify them (#463)

Dirk Mueller notifications at github.com
Fri Jul 14 13:54:18 UTC 2023


> > This is an orthogonal discussion. you can have multiple variants in both suggestions of mine (also in the fragmet suffix)
> 
> Maybe you din't notice but I've proposed not one but two variants. Main point which I've added is to use pk11 like csum format. From that point of view everything from my point of view is secondary.

I did notice, but I mapped that to PKCS#11 uris which are of the form `pkcs11:key=value` so I wasn't able to get the point. we can have such format if it doesn't include '/', that would be then:

```spec
Source: https://url#pkcs11:sha256=<checksum>/filename.tar.gz
```

we could also do
```spec
Source: https://url#pkcs11://sha256=<checksum>/filename.tar.gz
```



-- 
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/463#issuecomment-1635900208
You are receiving this because you are subscribed to this thread.

Message ID: <rpm-software-management/rpm/issues/463/1635900208 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20230714/586d6102/attachment-0001.html>


More information about the Rpm-maint mailing list